GDPR Compliance

The General Data Protection Regulation (GDPR) is legislation that regulates data protection and privacy for all individuals in the European Union and the European Economic Area. The legislation also applies to the export of personal data outside the EU. The GDPR was adopted in April 2016, and became enforceable on 25 May, 2018. Business that are not based in the EU, but engage in global commerce are required to comply with the regulation.

All organizations that process personal data must disclose the following:

The type of data that is collected

The purpose for collecting the data

The method that is used to collect the data

How long the data is retained

Whether or not the data is shared with others

Examine the current privacy policies for all of your Magento stores to ensure that they align with GDPR requirements. Update your Google Analytics settings to ensure that its use of personal data follows GDPR requirements. Maintain transparency, and keep thorough documentation.